We propose a novel approach to proving the termination of heap-manipulating programs, which combines separation logic with cyclic proof within a Hoare-style proof system. Judgement...
James Brotherston, Richard Bornat, Cristiano Calca...
There is significant room for improving users' experiences with model checking tools. An error trace produced by a model checker can be lengthy and is indicative of a symptom...
This paper describes a general approach to constructing cooperative services that span multiple administrative domains. In such environments, protocols must tolerate both Byzantin...
Amitanand S. Aiyer, Lorenzo Alvisi, Allen Clement,...
Effective testing of safety-critical real-time embedded software is difficult and expensive. Many companies are hesitant about the cost of formalized criteria-based testing and a...
Existing security models require that information of a given security level be prevented from “leaking” into lower-security information. High-security applications must be dem...